...
SAML-based authentication for patrons requires certain configuration to be set up to work correctly. Configuration parameters are described in the table Table I.
Table I.
...
SAML Authentication Provider Configuration
Parameter Name | Mandatory | Description |
Service Provider’s XML metadata | Yes | SAML metadata of the Circulation Manager\'s Service Provider in an XML format. MUST contain exactly one SPSSODescriptor tag with at least one AssertionConsumerService tag with Binding attribute set to urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST. You can use OneLogin SAML Tools to build SP metadata |
Service Provider’s private key | No | Private key used for encrypting and signing SAML requests |
Identity Provider’s XML metadata | Yes | SAML metadata of Identity Providers in an XML format. MAY contain multiple IDPSSODescriptor tags but each of them MUST contain at least one SingleSignOnService tag with Binding attribute set to urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect. You can use OneLogin SAML Tools to buil build IdP metadata |
SAML token expiration daysInternal signing secret for OAuth and SAML bearer tokens | No | Days until a Bearer token used by the SAML authentication provider expiresSecret used for signing Bearer tokens issued by SAML authentication provider and used by client applications to confirm their authentication status |
Setting up a SAML authentication provider in Circulation Manager
...